>>> In an IKE_AUTH>>> exchange, or in the subsequent INFORMATIONAL exchnage, only the>>> following notifications cause the IKE SA to be deleted or not>>> created, without a DELETE payload:>>> o UNSUPPORTED_CRITICAL_PAYLOAD>>> o INVALID_SYNTAX>>> o AUTHENTICATION_FAILED>>>>>> Extension documents may define new error notifications with these>>> semantics, but MUST NOT use them unless the peer is known to>>> understand them.>>>> In subsequent INFORMATIONAL exchanges the UNSUPPORTED_CRITICAL_PAYLOAD>> should not be fatal. It only means that the responder ignored the>> whole message and replied with UNSUPPORTED_CRITICAL_PAYLOAD. That does>> not delete IKE SA.>>>> For the IKE_AUTH the UNSUPPORTED_CRITICAL_PAYLOAD can delete the IKE>> SA as IKE SA is not yet ready.>>That's what I meant. I will clarify this.
I would not expect INVALID_SYNTAX to cause the IKE SA to be deleted
either.